job screening question

Ray Soucy rps at
Thu Jul 5 20:40:20 UTC 2012

I think if your goal is to see if they know that your shouldn't
blindly filter ICMP for IPv6, and you're specifically looking for
knowledge of PMTUD, then a better question would be "Please list the
problems that could occur if all ICMPv6 traffic is blocked between two
host systems."  Which should get you a minimum of neighbor discovery,
and up into PMTUD for those who have some knowledge on the subject.

If you just say ICMP your answers will be all over the place since
blocking of ICMP outright for endpoints is rampant today in the IPv4
world.  They might even know the answer but not think of it because of
the lack of context.

I generally try to stay away from any question that has a definitive
answer, as that will only tell you if they happened to read and retain
that piece of information somewhere along the way.

In my experience, people who have an "OK" understanding of Layer-3,
might not always have a good understanding of what happens below that.

A better approach might be to have an open ended question that asks
them to describe what events will take place for a pair of host
systems to communicate in as much detail as they can.

If you're asking the question you can leave it intentionally vague and
use the questions they ask to evaluate their ability to work through
problems; if it needs to be asked by HR then you can narrow it down to
include more detail.  A good applicant should be able to explain the
ARP process at a minimum.  If they can't they have no business being
in networking in a question like this.

I know it sounds trivial, but you'd be surprised how many "experts"
I've met who go blank at a question like this.

Even more telling than a correct answer is an incorrect answer.  I'm
always on the look-out for IT people who like to make stuff up; I have
no tolerance for that.

On Thu, Jul 5, 2012 at 1:02 PM, William Herrin <bill at> wrote:
> Hi folks,
> I gave my HR folks a screening question to ask candidates for an IP
> expert position. I've gotten some "unexpected" answers, so I want to
> do a sanity check and make sure I'm not asking something unreasonable.
> And by "unexpected" I don't mean naively incorrect answers, I mean
> oh-my-God-how-did-you-get-that-cisco-certification answers.
> The question was:
> You implement a firewall on which you block all ICMP packets. What
> part of the TCP protocol (not IP in general, TCP specifically)
> malfunctions as a result?
> My questions for you are:
> 1. As an expert who follows NANOG, do you know the answer? Or is this
> question too hard?
> 2. Is the question too vague? Is there a clearer way to word it?
> 3. Is there a better screening question I could pass to HR to ask and
> check the candidate's response against the supplied answer?
> Thanks,
> Bill Herrin
> --
> William D. Herrin ................ herrin at  bill at
> 3005 Crane Dr. ...................... Web: <>
> Falls Church, VA 22042-3004

Ray Soucy

Epic Communications Specialist

Phone: +1 (207) 561-3526

Networkmaine, a Unit of the University of Maine System

More information about the NANOG mailing list